Anonymous payment for hardware tokens
peter at digitalbrains.com
Wed Feb 4 14:34:29 CET 2015
On 04/02/15 13:56, NIIBE Yutaka wrote:
> I meant, something in a JTAG/SWD protocol layer (not by user
> program), built-in _hardware_ feature by semiconductor manufacturer to
> show hash of flash blocks.
But Gnuk is not secret, so the flash doesn't need to be read-protected. And if
you need a JTAG programmer to read the hash, you might as well reflash the MCU
to your known-good Gnuk.
I'm trying to think of a way to have the actual hardware present a hash to a
user who doesn't own a JTAG programmer, but it's tricky :). I thought of
something like dedicated pins connected to a shift register (so you don't need
256 pins), where only the hardware can shift out the actual hash; using the pins
from the firmware would be prevented. But then you need a display on your token.
Having four 7-segment LED displays on your token that displays the hash in
groups of 4 hex digits won't exactly make for a compact arrangement :).
Perhaps it could use a serial format as used by the serial port on a PC
(asynchronous start/stop). Then you could connect a USB-to-serial converter to
the pins on the token and see what the MCU is reporting as its hash.
All nicely academic musings, in the sense that I don't see an MCU with this
feature coming to the market soon...
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users